Zappos customers on alert after cyber attack – the lesson for all of us

Cyberfraud is always rampant, but what’s next this week? Online shoe retailer, Zappos, is warning customers that their personal data may have been accessed including your email address, name, billing and shipping address, phone number, and the last four digits of your credit card number, and maybe even a scrambled version of your password. Yikes!

The email sent to customers tells you to change your password. The company discontinued the passwords that were stolen in their scrambled form so accounts can no longer be accessed without a new password.

To reset your password on Zappos, you simply submit your email address and they send you a new password. Be warned – the new password doesn’t arrive in your email right away. Zappos says it’s had a large number of requests, obviously, and it may take up to 30 minutes.

Password management
Here’s the problem – if you use your Zappos password on other websites you may be vulnerable on other sites. The thieves dig for more information when they get a few pieces. Sometimes those pieces are enough to steal your identity or at least commit more fraud.

That’s why you are always told not to use the same password on multiple sites, but just like you I am guilty of that. It’s hard to create a different password for every site and remember it. That’s why some security consultants recommend a password management program like KeePass. It’s free software that manages all your passwords so you can use different ones on different sites, and it recommends more complicated passwords so your accounts are more difficult to hack.

Finally, don’t use public computers. There may be software installed on it that can steal your keystrokes. Think it can’t happen to you, think again. Click here to see that story. It will make you resist the urge the next time you are on vacation.

Damage control
At this point, the damage is done. The thieves hopefully won’t be able to unscramble the passwords they got, but who knows.  These attacks are very sophisticated and their capabilities seem limitless sometimes. With the last four digits of your credit card and address it may make it easier for thieves to hack into your another accounts.

Change the passwords on other accounts especially your bank and popular ones like Facebook and Twitter if you think they are similar to your Zappos account.

Also, be on alert and don’t fall for spam or phone calls that ask you to verify personal information.

Related links you may like:
Facebook and Twitter security
Erasing your digital footprint
Online hacking schemes – email and Facebook accounts exposed

About these ads

One response to “Zappos customers on alert after cyber attack – the lesson for all of us

  1. Pingback: Do data breaches lead to identity theft or fraud? | Jenn Strathman